cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
977
Views
0
Helpful
6
Replies

as-path prepend problem...

rmiles
Level 1
Level 1

We have two ISP's. ISP 1 is a 5MB synchronous link. ISP 2 is a T1. ISP 1 is a tier 2 or 3 (not sure) and ISP 2 is a tier 1.

We want to use the 5mb link for all traffic. The T1 is only to be used when the primary 5mb link fails.

My SE had me configure the ISP 2 router for as-path prepend to make it appear as the less preferred route.

With ISP 2 router turned off I can look at a public router and see my advertised routes going through 5 AS's. With ISP 2 router up and NO prepending my preferred path switches to the T1 link, which is not what I want. So, I put in as-path prepend commands and they appear to be working in a sense. Now when I look at a public router the preferred path is still through the T1 (not good), but it does show the multiple AS's that I entered in the prepend command. I have put it all the way to 10 AS's and it still doesn't take the 5MB link. Shouldn’t I be seeing two paths to my AS? The command I am using is sh ip bgp reg xxxxx.

Also, the path seems to depend on the source location. If I go to say apple.com and download a file it comes through the 5mb link, so it IS taking the correct path. But, other times at other random web sites the inbound traffic comes through the T1, so it is still considered the preferred path for some routers out there.

Should I look into alternatives to the prepend command or is something else going on here?

ISP 1 (preferred path) router config:

router bgp xxxxx

no synchronization

bgp log-neighbor-changes

network x.x.x.x mask 255.255.255.0

network x.x.x.x.0 mask 255.255.255.0

network x.x.x.x mask 255.255.252.0

neighbor x.x.x.x remote-as xxxxx

neighbor x.x.x.x ebgp-multihop 4

no auto-summary

ISP 2 (less preferred path) router config:

router bgp xxxxx

no synchronization

bgp log-neighbor-changes

network x.x.x.x mask 255.255.255.0

network x.x.x.x mask 255.255.255.0

network x.x.x.x mask 255.255.252.0

neighbor x.x.x.x remote-as xxx

neighbor x.x.x.x route-map prepend_as out

no auto-summary

route-map prepend_as permit 10

match ip address 2

set as-path prepend xxxxx (x10)

route-map prepend_as permit 15

match ip address 3

set as-path prepend xxxxx (x10)

route-map prepend_as permit 20

match ip address 4

set as-path prepend xxxxx (x10)

Thanks!

6 Replies 6

Harold Ritter
Level 12
Level 12

I suspect that this issue might come from the fact that ISP 1 is getting transit connectivity from ISP 2.

This is easy to verify. Check that you still see ISP 2 ASN in the as-path when your link to ISP 2 is turned off.

In any case, the easiest way to fix this issue is to use conditional advertisement, which allows you to advertise your local prefixes out to ISP2 only if you loose connectivity to ISP1.

For more information on conditional advertisement, refer to the following document:

http://www.cisco.com/warp/customer/459/cond_adv.html

Hope this helps,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

I don't think I see ISP 2's ASN in the path when ISP 2 link is off. I will check on it though.

With conditional advertisement would it cause longer outages if ISP 1 went down waiting for ISP 2 link to advertise?

Thanks!

Ok, I just checked the as paths.

With both ISP links up and testing from a random internet router the path is:

network-63.145.197.0/24 next hop-154.11.63.85 weight-0 path-852 209 32511 32511 32511 32511 32511 32511 32511 32511 32511 32511 32511 i (we are 32511)

With ISP 2 link down the path is:

network-63.145.197.0/24 next hop-154.11.63.85 weight-0 path-852 3356 7018 22291 32511 i

So it doesn't appear that ISP 1 goes through ISP 2's AS.

In this specific case we can't see why Telus selects the path coming from Qwest rather than Level3 (probably better local-preference) since their route-server is not part of AS852.

Bottom line is, the best way to make sure that all traffic will use the primary link is definitely to use conditional advertisement.

Hope this helps,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Conditional advertisement should not cause a longer outage. Bear in mind that if that without conditional advertisement, the path via ISP 1 has to be withdrawn before traffic from the Internet starts converging via ISP 2. With conditional advertisement, you depend on propagation delay for an update instead of a withdrawal.

Hope this helps,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Thanks for the help Harold. I'll give conditional advertisement a try. I had never even heard of that before.

In the example they cue off of not receiving a specific route. We only receive a default route from both ISP's, so would that be the route I look for? So, if I don't receive a default route from ISP 1 I start advertising to ISP 2?

Thanks

Review Cisco Networking for a $25 gift card